Richard Stiennon

Latest Posts

Last bastion of trust falls

IT security practices have always been dominated by trust, often myopically. Specialized applications are still deployed with the assumption that end users, be they customers, contractors, or employees, would not attempt to abuse that trust.

July 19, 2007 by in Security

UTM in Asia

I have UTM on my mind. As I travel through Asia these two weeks I am meeting with journalists, analysts, and large telecom providers and they all want to debate UTM (Unified Threat Management).

July 17, 2007 by in Networking

Your DBA has his/her hand in the till

I have written and pontificated often enough on the dangers of trusted employees. One of the biggest shifts underway in the threatscape is due to the increased value of personal identity information and the emergence of markets for that information.

July 10, 2007 by in Mobility

Differences

I am gaining interesting insights into differences in technology adoption as I travel to various parts of the world. Today I am in Beijing where I have met with customers, prospects, analysts, and journalists.

July 8, 2007 by in China

Schneier on ID theft

I am attending the IT Security Summit 2007 here in Johannesburg this week. It’s a busy week for conferences with Interop in Vegas and AusCERT in session in Australia.

May 23, 2007 by in AUSCERT

Hacktivism or information warfare?

Just as the term "cyber terrorism" gets linguists all riled up, "information warfare" is sure to elicit the wrath of security pundits and bloggers alike. While I will be the first to acknowledge that cyber terrorism is a problematic term (no loss of life or limb from shutting down an Internet service), I do ask what do you call it when terrorist organizations engage in hacking and cyber crime?

May 12, 2007 by in Security

Spoofing NAC

Remember Stiennon's first law of network security? It is: Thou shalt not trust an end point to report its own state.

April 2, 2007 by in Cisco

That's a lot of credit cards

The TJX data breach story keeps growing. I hope everyone can tell the difference between a false alarm data breach like the laptop theft at the VA that got so much attention and the Card Systems International breach and now the TJX incident.

March 22, 2007 by in Big Data

Competitive intelligence gathering

The world of CI (competitive intelligence) spans the spectrum from analytical data gathering to seamy shoulder surfing and of course the use of custom Trojan horses. This article in Forbes describes how you can get insight into a company's future product plans by researching their job postings.

March 20, 2007 by in Google
